Maggie Bloom’s fifth contribution to the 21st Century Tech Blog looks at a subject near and dear to my heart. Back when I was a technology dinosaur in the 1990s, to secure a computer with high levels of protection, you used a plug-in dongle and token-based security. Every time you logged in and out, you had to input a random string of characters.
Over the years, I have searched for alternatives to the endless password-related security issues that come with being online. I use a single-sign-on app today. But now, passwords and digital security are about to be more complicated by artificial intelligence (AI) and quantum computing.
That’s why Maggie’s article is appropriate for the times.
Password Evolution in the Age of Rapid Technological Change
For decades, passwords have been the primary gatekeepers of our digital lives. They protect
everything from personal email accounts and financial information to workplace systems and cloud-based applications. Despite their widespread use, passwords have also become the weakest link in protecting our cyber presence, creating challenges for all.
As digital technology continues to change rapidly, the future of authentication needs to adapt as well. Advancements in AI, biometrics, cloud computing, and identity management are already transforming how people access digital services. Quantum computing going mainstream will mean much of what we use today to secure our digital presence will no longer work.
Rather than relying solely on complex strings of characters, future authentication systems need to focus on creating convenience and security, and a seamless online experience.
Beyond Password Authentication
2FA and MFA
Recently, you may have experienced two-factor (2FA) or multi-factor authentication (MFA) requests to confirm you are who you say you are. This is becoming quite common in banking apps. 2FA and MFA send push notifications to a second device or to an email address that you have identified as a trusted alternative. Usually, 2FA involves a string of characters or a set of pictures that require you to identify which ones share a common object.
Passwordless Authentication
Then there is the arrival of passwordless authentication that eliminates the need to memorize endless passwords. Because security experts and technology companies are increasingly aware of their vulnerability to phishing attacks, credential theft, and human error, they are removing passwords from the authentication process altogether.
Instead, passkeys are emerging as one of the leading solutions. These cryptographic credentials are stored securely on trusted devices and verified through biometric methods such as facial recognition, fingerprint, voice, or device PIN. To access a site or app, one or more of these may be needed. Passkeys are resistant to phishing attacks and do not require users to remember complicated routines.
Biometric Authentication
Biometric measurements, mentioned above, are increasingly becoming important for online security. Fingerprint scans, facial recognition, iris scans and voice identification (the stuff of spy movies in the past) are becoming more accessible. Smartphones today incorporate biometric security features.
Adding AI to biometrics is likely the next evolutionary step. Rather than relying on a single biometric trait, AI authentication systems could analyze multiple factors simultaneously. This layered approach would make it significantly more difficult for cybercriminals to impersonate legitimate users.
Single Sign-On Authentication
Single sign-on (SSO) technology allows users to access multiple applications and services using one verified identity. Instead of memorizing or managing dozens of unique passwords for different platforms, SSO can securely authenticate a user once to gain access to authorized systems. It addresses password fatigue and can incorporate biometric verification, passkeys, and contextual intelligence. Authentication systems will evaluate factors such as device trust, user location, network security, and behavioural patterns before granting access.
AI and Adaptive Security
AI will dramatically influence how passwords and authentication systems evolve. Traditional passwords treat every login attempt the same way, but future systems will continuously
analyze risks in real time. AI-powered security platforms will identify suspicious behaviours that may indicate compromised accounts. For example, if a user suddenly attempts to access a system from an unfamiliar location, unusual device, or unexpected time zone, the system can require stronger verification before granting access.
These adaptive authentication methods create a more intelligent security environment. Rather than requiring users to complete multiple authentication steps every time they sign in, security measures will adjust dynamically based on risk levels. This balance between convenience and protection is expected to become a defining characteristic of future authentication systems.
Digital Identity Ecosystems of the Future
Another significant advancement will be the development of comprehensive digital identity
ecosystems. Instead of creating separate accounts for every website and application, individuals may maintain trusted digital identities that can be verified across multiple services.
Governments, financial institutions, healthcare providers, and employers are likely to participate in secure identity frameworks that streamline authentication while protecting sensitive information.
The Quantum Computing Challenge
If any single technology advancement can throw a wrench into online security, it will be quantum computing. Passwords, 2FA, MFA, biometrics, digital authentication and AI-enhanced systems will all need a complete overhaul. Two algorithms used in quantum computing, Shor’s and Grover’s, can break all current cryptographic applications. They effectively will kill traditional password security’s effectiveness.
Biometric systems will be compromised because facial, fingerprint, voice, and iris scan stored templates wouldn’t hold up to quantum-enabled native decryption capability. Tokens and passkeys would equally be useless.
Quantum-based security remains a relatively new endeavour. Google and Apple are working on hybrid cybersecurity solutions. Governments are also looking at prioritizing research into quantum encryption apps. Needless to say, with quantum computing ever closer to being a useful adjunct to traditional computing platforms, there is a sense of urgency to develop algorithmic breakthroughs capable of addressing the switch from bits and bytes to qubits.
Quantum computing will need new types of cryptography because, surely, cybercriminals will be working in parallel to break these systems.
